Author: Jen-Mei Wu

The Peacocks (and Peahens) are rebelling! If you haven’t heard of Peacock Rebellion, it’s an amazing group of queer and trans artists of color changing the world through words, images, performances, and magic. We’re really excited to be collaborating with them on future projects.

Share this:

Like this:

We’re going to have a community meeting and brunch on Sat. at 11a! Would be great to see y’all. We’re looking for volunteers to help with scheduling and organizing and spreading the word about the space, so please also invite your friends and anyone you know who might be able to make use of LOL!

Like this:

Yesterday (Saturday, December 20, 2014), we held a workshop for activists about security, privacy, and surveillance. The goal was to share information so that we were out there making the world a better place, we are aware of the ways that we can be tracked and what can be done about it.

Introductions included the usual (name plus preferred gender pronoun) and also security topics that people are interested in or could speak about. It became pretty clear there was a lot of interest in a variety of topics. So we next spent a few minutes writing topics on a whiteboard, grouping similar topics together, and then dot-voting on topics. In the end, we only covered the top three topics: tracking, best practices for operational security, and alternatives to tools that track us a lot. We spent the last half hour helping each other install secure tools and exchanging contact information.

A few things were clear:

There’s a lot to cover, and we need more workshops.* It’s really good to focus on specific needs. For example, it would be nice to have a focus workshop on collaborative tools that can be kept private and secure within the group that is working together.* We should spend more time helping people do things such as encrypting their phones, computers, and other devices; talking about the usage of encryption; installing tools like TextSecure, RedPhone, Tor, and VPNs.

We will definitely be holding more trainings/workshops/skillshares. In the meantime, here are the notes that we ended up taking (for those curious, we were using an EtherPad posted by riseup.net; collaborative editing w/o logging).

Security/privacy/surveilance discussion 12/20/14

Tracking (time limite 30 mintues)

Your phone is always tracking where you’re at, even after you disable “Location Services.” It does this to let cell phone towers know where you are. You can turn off GPS tracking…If you have a flip phone, they can only tell your location by cell phone tower. But it’s within a couple hundred feet. However multiple cell phone towers can triangulate your locaiton.– Every phone that does GPS, you’re actually hitting satellites, sometimes. This gives your relative position….. that gets reported to Google, Apple and whatever other services you’re connected to. Connecting your phone to wifi can give a fairly precise location.

One way to make your WiFi’s location not get stored by Google is to add _nomap to the end of the SSID (network name)

Riseup also povides free VPN services, aside from email and etherpad– Servers hosted by May 1st-Riseup etherpad link: https://pad.riseup.net/Riseup doesn’t keep logs on it servers for users, so if anyone comes asking for info, they won’t have anything to give them.

Most servers/websites do logging. It’s intended for troubleshooting… diagnostic logging, but it can be used for tracking, even inadvertently

Videotaping… videos has identifying info. Unique pattern in image grain that can be used to put together a profile of you…– When your phone is off, how much can you be tracked? – Sharing photos and online backup servirces. This data is out there. For Android phones, we know Google has this info. –

Face recognition in public

Who does tracking? Why?– NSA – huge servers to store everything. They can go back in the future and search through saved data. – Private Corporations and entities, third-party apps, etc. – Even if using encryption, if someone wants to crack it they could do that in the future potentially. – Data science, taking data and finding information from it, building a profile on based on statistical patterns, and diverse human habits and features,etc. – Marketing companies… doing it to make money. But they are making tools that makes it easier for other organizations like the NSA to track you. – Keyboard tracking… – Smartphone photos are automatically backed up to the cloud

What do we do about tracking?Does turning off your phone and keeping it away from your physical location, does this mean you are not being tracked? Apparently you can go online and reasearch making a Faraday Cage to avoid this. Snowden put his cell phone in the freezer/refrigerator – an operational anti-surveillance tactic – that avoided broadcasting any info.

For texting: see “Codes? What are they Good For?” discussing how codes have been used by different groups, try to create patterns, don’t let any silent periods happen that may raise a flag or suspicion? Use mundane terms instead of relying on codes that stick out like a sore thumb

Some text encryption apps are good for one on one, others for group textingCryptocat – it sets up on the spot encryption, it doesn’t keep logs, has a phone app, too – https://crypto.cat/TextSecure for Android (and it has a beta for iPhone?) – you can verify in person that their public key is authentic. It is pretty user friendly if you don’t want to set up a private key as listed below. This can be done for your phone. It has a central server.Redphone (for phone calls) – https://whispersystems.org/Signal (for iPhone right now but working on an Android version)OTR messagingixquick, (also called Startpage) – alternate search engine, based in EU, doesn’t trackDuckduckgo (search engine that doesn’t track your searches)SpiderOak – an alternative to Dropbox, Dropbox encrypts on transit but it is not encrypted st site of origin or final destinationTOR browserPond – and encryption tool; has a steep learning curve at the moment, but watch out for it, in beta. Adium, includes encryption

Encryption – Private and Public keys – you have a direct line to someone sharing a secret password, a key that someone gives you to send them an encrypted message (You can generate a key from your own computer and send it to someone by mutual and secret consent, and it can be verified face to face that there was nobody in the middle to intercept,

Tor – It hides your ip address, and you receive signals from peer-to-peer activities, It will not give out any location or id information about your computer, it’s connected by a Virtual Private Network of servers all over the world. Uses a proxy to hide your IP through the network. The router only knows the last id. Onion network, which has multiple layers. There are a lot of people helping to create this virtual network. It’s really useful in other countries where there is more censorship of websites. It’s important to be careful how you use it. It’s easy to screw up the anonymity of this tool if misused…

Virtual Private Network – Photon VPN or VPS, this is using\This would be a good start for a toolkit

Scenario for an action: get a lot of people to an action at a certain time, without public knowing ahead of time.

Another scenario: action to shut down OPD for four and a half hours. Avoided communicating over any networks. No notes, shut off phones and put them in another room. No one group knew everything that was happening. People know things on a “need to know” basis. In the end, you don’t talk about all the action details. Afterwards on’t post everyone’s photos on facebook and tag them or have clear agreement on how that is to be handled afterwards. Not a lot of things were being documented. Built on trusted relationships. Code words. Sucessful element of suprise.

Jail support team will collect name, contact info and any spescific info you will need help with if you get arrested.

Think about the contents of your wallet before an action.

Bring a sharpy. Write National Lawyers Guild number on your skin, like your arm.

Make sure you account for everyone. We each should be keeping track of someone else, and someone else keeping track of us.

Sometimes it’s good to not be too curious about something being organized. Try to know just what you need to know.

Shared agreements about communication channels. (i.e. don’t put plans online. But once action starts, groups will blast it out online. Not be tagged or photographed. Talking in person only.)

But it’s hard for everything to be private if the goal of an action is to be public.

If you’re always prepared for an action. Chains, steel pipes. If you stay ready, you don’t have to get ready.

Have a saftey team / support people for yourself.

It’s really good to have allies.

If you’re not part of an action, than it’s good to not know info. Don’t pry if you’re not involved.

It’s really good to know what your goals are. What are the security requirements? They might be different during the planning of an action verses after the actions starts and you’re trying to get the word out to the world.

Be aware of interrigation techniques. They might pretend that someone in your group already told them everything, in order to get you to start sharing info.

Stingrays can read traffic between phones. They can intercept communication and change the text of a message between phones. If you use encryption for text, it’s harder for them to see the content of your text messagse.

Before an action, it’s good to pick who will be arrestable, and it’s good if this person knows the least about the action. This better protects folks from giving out information about the action during an interrogation.

What two tools would be good to use for privacy, if you cannot have face to face conversation?– Redphone– Cryptochat, then use TextSecure to communicate URL.– Prepartion before hand, like doing secure communications trainings.

Like this:

Queer Care Winter 2014: NOURISH is taking place at LOL today. Come visit and hang out with herbalists, including Shootingstar Botanicals, who practice out of LOL! Event runs from 1p to 5p. Check the Facebook event for more info.

Sorry for not posting earlier … we tend to promote things over Facebook and Twitter and sometimes neglect the web site (need to kick that habit). Photos soon!

Like this:

We’re in the last few days of the LOL Indiegogo campaign, and are hoping to finish strong. Thanks to our absolutely wonderful supporters, we have already raised enough money to pay for basic operating expenses for about half of 2015. We are hoping to be able to extend that so we can expand our hours and give access to more people.

We originally started this space because we couldn’t find any hacker or maker spaces where we could look around and see other people like us. At the time, most spaces came out of hacker culture, and, like tech in general, most spaces were dominated by straight cis white (and sometimes Asian) men. Things have gotten better since then, especially for women — Mothership Hackermoms opened around the same time we did, and feminist hacker space Double Union opened last year, and Sudoroom in Oakland has made a concerted effort to be inclusive — but we are still the only space where you can go to any event and mostly see people of color (also more than half of our members are women, and a significant number are queer and trans folks).

Liking the LOL Facebook page — it’s where we post most updates the most frequently, and liking the page means you will occasionally see our posts (if Facebook decides that’s okay; they will guarantee it, though, if we pay them; funny how that works)

Like this:

We had a lot of fun at last year’s Winter Make-A-Thon, and so we’re bringing it back! This time, it’s going to be on Black Friday, 11/29 from noon until 5 PM.

Come join us! It would be really great to make stuff together and enjoy a nice relaxing day. The perfect alternative to the stressful frenzy that is the hallmark of Black Friday.

Just like last year, there will be several making station set up. We are planning on having stations for making jewelry from recycled bicycle parts, indoor gardening, 3-D printing, candlemaking, pie baking, and electronic cutting (and other paper arts).

We are open to suggestions on additional activities, too, so if you have something that you would like to do please suggest it to us and we can set aside some space for it!

We are also still looking for volunteers. It’s actually going to be pretty easy, really just showing up with a project you want to work on and being willing to share tools and knowledge with others.

Hope to see you there! If you’re on Facebook, please RSVP on the Make Everything Day event page and help us promote it!

The TechWomen program, managed by the Institute of International Education and funded by the Department of State, is currently looking for women living in the Bay Area who are passionate about Africa to get involved as Cultural Mentors for our program in October. I’ve included more details below and a flyer attached… The application deadline is August 1st.